Lesson 5: Cyber Attacks & Technology Risks

Gallagher (Transparent)

It’s easy to forget that railroading, born of a bygone steam age, remains a high-tech enterprise.

The routing and billing of rail freight throughout North America depend on the flow of millions of Electronic Data Interchanges (EDIs). While the auto industry pursues the quest for autonomous vehicles, railroads already employ technology in areas such as positive train control, automated switches, and remote-operated switching locomotives. All of this tech is on top of the normal ways that we have all come to depend upon technology on their desktops, laptops, and at their fingertips.

But the reliance on technology also creates a growing sense of vulnerability. Cyber threats ranked third, slightly trailing business interruption and pandemic outbreaks, in a survey of global business leaders conducted by global insurance underwriter Allianz.[1]

Meanwhile, infrastructure remains a prime target for those who would use technology to make a political statement, cause mayhem, or to collect ransom. And while railroads might not be the most conspicuous form of transportation infrastructure, it is associated with large quantities of hazardous materials and plays a strategic role in the economy, all of which potentially puts it in the crosshairs for cyberattack.

Meanwhile, the growth in the number of employees working from home is eliminating some of the traditional defenses that businesses use, since employees are more likely to use their own consumer-grade networks, devices, and hardware at home while handling the company’s data.

Rail-related companies should consider where they might be vulnerable to cyberattacks and how to best to keep their data and systems secure as part of their overall Enterprise Risk Management exercise.

Lesson 5

[1] Allianz. Allianz Risk Barometer: Identifying the Major Business Risks For 2021. January 2021